-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory security@debian.org http://www.debian.org/security/ Wichert Akkerman September 5, 2000 - ------------------------------------------------------------------------ Package: glibc Vulnerability: local exploit Debian-specific: no Recently two problems have been found in the glibc suite, which could be used to trick setuid applications to run arbitrary code. An earlier advisory listed the updates for Debian 2.2/potato. This advisory contains updates for Debian 2.1/slink. For information about the found problems please see the previous advisory which is available online at http://www.debian.org/security/2000/20000902 . UPDATE: the packages mentioned in the previous problem had a bug that prevented some patches from being applied. This has been fixed in version 2.0.7.19981211-6.3 . wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.1 alias slink - ------------------------------------ Fixed packages are available for the Intel ia32 architecture. Source archives: http://security.debian.org/dists/slink/updates/source/glibc_2.0.7.19981211-6.3.diff.gz MD5 checksum: 2b311a94e69a4a7f68cb0102e196a44b http://security.debian.org/dists/slink/updates/source/glibc_2.0.7.19981211-6.3.dsc MD5 checksum: f3952ccdd5915da0dcc86666e63ef63b http://security.debian.org/dists/slink/updates/source/glibc_2.0.7.19981211.orig.tar.gz MD5 checksum: 91724410e14a2b2b719dc44cf95067f1 Intel ia32 architecture: http://security.debian.org/dists/slink/updates/binary-i386/libc6-dbg_2.0.7.19981211-6.3_i386.deb MD5 checksum: 0642d23a5535c266b8ded9f5db1d0aa2 http://security.debian.org/dists/slink/updates/binary-i386/libc6-dev_2.0.7.19981211-6.3_i386.deb MD5 checksum: 25a4ea99261834928afb208491ae3b23 http://security.debian.org/dists/slink/updates/binary-i386/libc6-pic_2.0.7.19981211-6.3_i386.deb MD5 checksum: 999c8024a1afb6c972379cf92f81251a http://security.debian.org/dists/slink/updates/binary-i386/libc6_2.0.7.19981211-6.3_i386.deb MD5 checksum: aa1e224108d653c9d7f5fdc8c62e51fb http://security.debian.org/dists/slink/updates/binary-i386/locales_2.0.7.19981211-6.3_i386.deb MD5 checksum: ec5b14e87f3db3dbc0448c9d72276ef1 http://security.debian.org/dists/slink/updates/binary-i386/timezones_2.0.7.19981211-6.3_i386.deb MD5 checksum: 34f86dde61ac8b5725eff2cf891858cc - -- - ---------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main dpkg-ftp:ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQB1AwUBObUJ5KjZR/ntlUftAQGJEwL/UFR6YWwQ9furE8vwxgQHD7UHQaChV/A5 8UCufQ/QBam6X6LKpWTBtplWctRk5DzH4A78MMZ0aMvuWB07WBINc+Yk1PgrLzCz xMYF7okdASDTMSWuXO0goMgViBfqioPE =ZhPq -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org